supaapps / supaapps-guard
A JWT Auth driver, opinionated and tailed to work with supaapps-auth-server
Installs: 1 057
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 1
Requires
- php: ^8.1 || ^8.3
- firebase/php-jwt: ^6.10
- illuminate/auth: ^10.0 || ^11.0
- illuminate/contracts: ^10.0 || ^11.0
- illuminate/database: ^10.0 || ^11.0
- illuminate/http: ^10.0 || ^11.0
- illuminate/support: ^10.0 || ^11.0
Requires (Dev)
- nunomaduro/collision: ^7.8
- orchestra/testbench: ^8.21
- squizlabs/php_codesniffer: ^3.8
- dev-main
- v0.7.0
- v0.6.0
- v0.5.0
- v0.4.0
- v0.3.0
- v0.2.0
- v0.1.7
- v0.1.6
- v0.1.5
- v0.1.4
- v0.1.3
- v0.1.2
- v0.1.1
- v0.1.0
- dev-feature/SGRD-9_support-regex-realm-as-parameter-to-guard
- dev-feature/SGRD-8_create-dynamic-jwt-driver-that-compares-token-realm-with-stored-user-realm
- dev-bugfix/SGRD-7_Remove_incrementing_from_users_table_to_allow_creation_of_logged_in_user_locally
- dev-feature/SGRD-4_add-usage-test-case-functions-to-generate-jwt-trait
- dev-feature/SGRD-6_check-scope-has-role-and-return-it
- dev-feature/SGRD-5_align_with_laravel_contracts_for_auth_guard
- dev-feature/SGRD-3_Check_revoked_token_ids_cache_them_for_15_seconds
- dev-feature/SGRD-2_ability_to_test_jwt_auth_guard
This package is auto-updated.
Last update: 2025-03-27 16:42:58 UTC
README
Installation
composer require supaapps/supaapps-guard
ENV vars
add env vars to your .env:
SUPAAPPS_GUARD_AUTH_SERVER_URL=http://example.com SUPAAPPS_GUARD_AUTH_REALM_NAME=myapp
Add new custom guard
On config/auth.php add the new guard
'guards' => [ 'jwt' => [ 'driver' => 'supaapps-guard', 'provider' => 'users', ], ],
Also, set the default guard to jwt
'defaults' => [ 'guard' => 'jwt', ...
Usage example
on routes/api.php, add following lines
Route::middleware('auth:jwt')->get('/user', function (Request $request) { return [ $request->user(), auth()->firstName(), auth()->lastName(), auth()->email(), auth()->scopes(), auth()->scopesArray(), ]; });
note: auth() uses the default drive by default. If you didn't set the jwt as default driver then you need to call auth('jwt') on the previous usage example
Testing
You can generate JWT token for testing. It will be generated with private_key from tests folder. And will be compared with public_key on same folder as well. example
use Tests\TestCase; use Supaapps\Guard\Tests\Concerns\GenerateJwtToken; class CustomTest extends TestCase { use GenerateJwtToken; public function testThatIAmActingAsUser(): void { $user = User::factory()->create(); $this->withAccessTokenFor($user); $this->assertTrue(auth('jwt')->check()); $this->assertTrue($user->id, auth('jwt')->id()); } }
HTTP testing
withAccessTokenFor method is adding the Bearer token to headers which are sent by http tests. But you need to specify the server url somewhere on your tests. eg. tests/CreatesApplication:
<?php use Supaapps\Guard\Tests\Concerns\GenerateJwtToken; trait CreatesApplication { use GenerateJwtToken; public function createApplication(): Application { ... $this->setAuthServerUrl(); return $app; } }
Next run your http tests, for example:
<?php namespace Tests\Feature; use Tests\TestCase; class CustomTest extends TestCase { public function itReturnsTheAuthUser(): void { $user = User::factory()->create(); $this->withAccessTokenFor($user); // assume you have /user endpoint that // - uses auth:jwt middleware // - and returns auth user $response = $this->getJson('/user'); $response->assertOk() ->assertJson($user->toArray()); } }